The electronic health card, abbreviated as eGK1, should replace the health insurance card in Germany in the future. The goal thereby is to cost-effectively configure, simplify and accelerate data transfer in future among medical care providers, health insurance companies, pharmacies and patients. This also entails, among other things, the enabling of access to an electronic medical report, an electronic medical file, and an electronic prescription with the aid of the electronic health card. 1eGK—elektronische Gesundheitskarte=electronic health card
For example, therefore, medical data objects (MDOs) such as an electronic medical report, an electronic medical file, or an electronic prescription can be encrypted and stored with digital signature on a central server. Encryption thereby takes place preferably using a symmetrical key that is individually and randomly generated for each new medical data object of an electronic medical file such as an electronic medical report or an electronic prescription. The symmetrical key itself is encrypted after its creation, for example, with a public key and stored on the central server together with the encrypted medical data objects. This public key used for encryption, together with a private key, which is saved on the electronic health card, thereby forms a cryptographic asymmetric key pair. This ensures that access to the encrypted medical data objects is possible only through use of the secret health card key. During such access, the encrypted symmetrical key is first decrypted by means of the secret health card key, whereupon further decryption of the medical data objects is possible with the decrypted symmetrical key. If during the creation of an MDO a digital signature with the secret health card key was also generated, then subsequently the integrity of the MDO and the authenticity of the MDO generator can be verified via the digital signature.
For example, DE 10 2004 051 296 B3 discloses a method for storing and querying data and corresponding computer program products. A personalized chip card enables storage of a virtual patient file on a data server. With the use of the chip card, data such as an MDO of a patient file, can be transferred encrypted and digitally signed from the data processing system of a medical practice to a data server.
Another application of chip cards for patient data is known from DE 102 58 769 A1.
The use of a chip card for encryption and decryption of medical data objects has the disadvantage that the card must always be carried by a patient and that a chip card reader must be present at the place of use. Thus, if a patient does not have his electronic health card, or there is no chip card reader available, it is not possible to access the patient's stored, encrypted medical data objects in any way during the medical consultation.
Lin, Y.; Maozhi, X.; Zhiming, Z.: “Digital signature systems based on Smartcard and fingerprint feature” in: Journal of Systems Engineering and Electronics, Vol. 18, No. 4, 2007, pp. 825-834, is concerned with signature systems based on Smartcards and fingerprint characteristics. Thereby a cryptographic key stored on the Smartcard is accessible only if the corresponding fingerprint characteristics agree with a master that is stored on the Smartcard.